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1 (57) Abstract 



In a method and a de- 
vice for partial encryption and 
nrogressive transmission of im- 
ages, a first section of *0 im- 
age file is compressed at reduced 
quality without decryption, and 
1 a second section of the image 
I file is encrypted. Users having 
access to appropriate decryption 
keywords can decrypt this sec- 
ond section. Ttie first section 
together with the decrypted sec- 
ond section can then be^rewed 
I as a full quality image. * “=• wx* 

age space required for stonng the 

first and section together is es- 
sentially the same as the stor- 
age space required for stonng 
the unencrypted full quf'ty im- 
aae. By using the method and 
device as described herein stor- 
age and bandwidth requirements 
for partially encrypted images is 
reduced. Furthermore, object 
based composition and process- 
1 mg of encrypted objects are fa- 
cilitated. and ROls can be eo- 




mg ui jy * . . . 
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object can 



be decrypted and restored in the compressed domain. 
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A METHOD AND A DEVICE FOR ENCRYPTION OF IMAGES 

TECHNICAL FIELD method and a device for 

The present invention relates 

encrypting images. 

uapkcROUND OF THE INVENTION AND PRIOR ART 

BACKGROUND of data , s a teclmieal field which becomes 

inportan^when transmitting and storing secret information or 
information which only shall be available to a ° 

the information. Thus, several methods for encrypting digital 
mate are in frequent use. Such methods can also 
no digital image data. Examples of encryption methods axe DES, 

triple DES and the public-key RSA method. 

j ^r, carvers and distributed over a 
Digital images can be stored ^ ^ ^es can also 

telecommunication netw storag e medium such as a CD-ROM. 

ha distributed using a H aC cess control that suits 

Service provider s ne conceJtt it might be suitable to 

their business model . ^ £ull access t o 

offer Partial accese to on ^ ^ ^ ^ ^ musc be 

"U - prevent all users from having full access 

to all image data. 

be offered for sale on the Internet. 

r s^:r^ :~ts *. a 

version of the »«• „ imaga . pay for the service end 

allowed to download a full .rality image. 

However, such a service provider ^“^alternatively 

and download bit rat • CD-ROM CD-ROMs are given 

low-price . 'customers can view the images at a 
away or sold for a for viewing them at full 

reduced quality, but they - ^ ^ use the storage 

mialitv In the case the imag p 

quality. _i en tlv as possible, 

space on the CD-ROM as efficient y 
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It is also essential that customers always can access image 
using user friendly, standardised software. Image providers 
reluctant to design and support special image viewers, and 
customers don't want a proliferation of viewing tools. 

Presently, image providers have to store two versions of the 

images stored. The full quality version is stored as an 

encrypted image file. This means that the image first is 
compressed and stored in a compressed file format sue as 
or GIF. The compressed file is then encrypted using a suitabl 
encryption tool and an encrypted image file is stored The user 
must first decrypt this file and then access the resulting 
compressed image file using an image viewing tool. Red “ ca 
quality images are produced by processing the full quail y 
Lges in an image editing program. They are stored as separate 

compressed, image files. 

The problems with this solution are that at least two different 

versions of the same image need to he stored, and that both 
versions transmitted over the network in case of 

versions must a sterner first wants to see the free 

remote access in resolution 

low resolution image before paying for the full 

version. 

, lts in a significant disadvantage if the reduced 
Thrs results in ^ fraction of the image 

version image contain are 9 offered for sale to journals would 
information, mage preview at a fairly good quality 

in particular . detailed understanding of 

since journal editor ^ highest quality for 

the image content and a P , d require 10-50% of the 

printing. The reduced quality image could reguir 

storage space of the full quality image. 

T"ec^enr^ — 

which is . - 0 includes many new 

verification Model Version 2.0, ^ stU1 iina ge coding 

functionalities m comparison w metho ds for creating a 

^ iPPlicltion “ 
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can select a suitable progression mode. Individual objects 
within images can be accessed separately in the JPEG 1000 
bitstream and 'progressive transmission can be applied also 
objects, in JPEG 2000 there is also support for independently 

decodable coding units . 



SUMMARY , 

It is an object of the present invention to overcome the 

problems as outlined above and in particular to re uce e 
amount of memory required for storing an image, which par 1 Jf 
shall be possible to view, and also to reduce transmission time 
in a transmission scheme transmitting partially encrypte 
images - 

:::r” s ~ — •• 

Without decryption, i.e. the first low quality image is not 
encrypted, and where a second section of the image 
encrypted . 

Th us. users -ing access to Z 

decrypt this second section. The fir ^ ^ ^ 

decrypted second section can stor ing the first and 

image- The storage space requir ^ ^ the storage space 

section together is ^^^enclypted full quality image. The 
required for ^i^may. depending on the 

encryption of expansion of the second 

encryption method, imp y second section, 

section compared to the unencrypteo 

, eertitioned into multiple sections where 

The image can^lso „irh an individual encryption 

each section may be e ryp stored unencrypted, 

method and ~ Id device as described 

“ *■*“““* ? X coleseed images consist of a set of 
herein is that This makes it 

^"'perrl -cr^iOh operations in the compressed 

irl Wi^t perfotming entropy decoding. 
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A reduced quality image cam be produced according to several 
different main schemes, such as: 

1) Reduced resolution 

2) Reduced accuracy of the transform coefficients. 

3) Exclusion of predefined regions of interest (R 

Tbese methods can be chained so that a reduced 

e.g. produced by reducing both the resolution and the ac cy 
of the transform coefficients. 

By using the method and device for storing and transmitting 

image data as described herein, several advantages are o ai 

T1 J there is no need to store two different versions of an 

TZe if different users are to have access to different quality 

of the one and same image. Also, transmission times becme mu 

hhP information content of the first, low resolution, 
lower if the information co hicrher resolution 

i^ge data can be reused when transmitting the highe 

•j mage data . 

brief DESCRIPTION OF THE = drawls mote detail ^ 

The nresent invention will now De ue 

with reference to the accompanying drawings, 

_ a i view of the file structure of an image. 

; ^s.Ya^d ah shows encryption of images coded according to 

" f"t illustrating some steps carried out 

when encrypting an image. server process. 

. Fig. 4 is a diagram illustrating a client serv 

- Fig. 5 is a view of an encryp..— hea 

detailed description structure of an original, 

in Fig. 1. general view of^the fil^ ^ ^ ^ £ile 

high resolution, ima ££erent independently decodable coding 

consists of a number o structure shown in Pig • 

sections 101, 103 — ^ resolut ion version of a high 

!, the section 101. whi encryption and will therefore 

resolution image, is cou 
be possible to decode by any receiver. 
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• which combined with the 

The section 103, which comprises data, wm.cn 

The section resu lt in a medium resolution version of 

data of sec ion * encrypted using a first encryption 

r T:r::r:e= «««* 

— « ~~ - in the 

section 103 . 

• which combined with the 

i nc which comprises data, wniu 

o£ the high resolution image, is encrypted using a secon 
encryption method, and only receivers having access to the 
encryption key will be able to decode the data store 

section 105. 

.hue, decoding of the . section * decking of the 

resolution image — image da ta from the section 

section 3 1!^ resoiut . on Decryption 113 and 

101 a of the section 105 will, combined with the image data 
decoding of the sec . full resolution image 

from the sections 101 and 103 result m a 

115- 

Furthermore, implementation in ^ 

«■ - “ a r r s ":: - - «. *■ 

- - *— - - «rr“ so ttec a 

range of progressive modes can be suppcrte . 

. . , . . coding unit is a part of 

m 3000 verification o£ . given 

the bitstream * ca n be described as any 

subband. In general, a cod g in£o rmaticn. The general 

independently decod^le s^set^imaj, ^ ^ ^ inc iude so 

mechanism for ^”® es th e next ceding unit (it is 

r:;jfy - 

rris :r tnu S ,,, - ««. - 

ere needed for inserting explicit tags. 
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in Figs. 2a and 2b block diagrams describing bow encryption can 
be implemented in tbe JPEG 2000 encoder and decoder 
respectively, are shown. 

Thus in Fig 2a a block diagram where encryption is performed 
Ifte^ entropy coding in the encoder is shown. Coding units enter 
I entropy coding block 201. In the block 201 coding the coding 
units are entropy coded using some suitable entropy code^ The 
output from the block 201 is fed to a selector which selects 
suitable encryption method for each entropy coded coding uni . 
some coding units can be selected to not be encrypted at all. 

in response to the selection made in the selector 203 the 
entropy coded coding units are encrypted in a block 205. The 
encrypted coding units together with the not encrypted coding 
“then form a combined output data stream, which can be 

stored or transmitted. 

:: ““ng Lts enter the hecoder^ 

which selects a suitable is not 

coded coding unit, , 1 , 055 

encrypted it is directly transmitted to a block . 

.. t ^ e selection made in the selector 
in response to the s . d in a block 253 using a 

entropy coded coding “ nltS The decrypte d coding units are 

suitable decryption a gori • block 255 the coding units 

then fed to the block 25. ^ 251 ^ from the decryption 

from fed directly rom rombined to form a combined 

block 253 are entropy decoded and combined to ls fed 

output data stream corresponding to the data 

to the entropy coding block 201 in Fig. 2a. 

• ,-he transmission scheme as shown in the 
E ech coding unit in the ^ independent i y encrypted block. 

Figs. 2a and 2b is han ed separately with any user 

Each coding unit can also t units in th e same image 

supplied encryption metho ^ tion methods. The 

can be encrypted with diftere 
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encryption method used can further he an enoryption algorithm 
c^ed with a keyword or a method for generating keywords. 

• . j 0 ran in such an embodiment have 

ni ffprent encryption methods can 1 , , 

° Td 

a s^ol Ihat for each coding unit defines how it is encrypted. 

in Fig 3. a flow chart illustrating different steps carried out 
when encrypting an image are shown. First, in a step 301. an 
i^ge to be partially encrypted is received. The image receive 
in step 301 is then coded using a coding algorithm generating 
independently decodable coding units, e.g. JPEG 2000. 

303. 

_ 305 sonl e of the coding units of the image coded 

Next, in a step 305, c „ -stable encryption method, 

■2 m *r-e encrypted using some suitable encryp 

z: z units that 

een he set in — order 
chose to have codrng uni ^ encrypted coding units 

bih-planes etc^encryp • encrypted are merged into a 

and the coding units wnicn a 

single bit stream. 

in Fig. 4, a flow ^““^"“"ectolding to the method as 
when transmitting 3 is shoW n. Thus, a client 

described in conjunction wit g ’ ient 401 c an then issue 

401 is connected to a server * ^ & partic ular image, step 

a request towards the serv 

405. 

40 , replies by transmitting the coding units of the 
The server 403 replies y 40? The no t encrypted 

image which are not encr ^ ' client w ho now will have 

coding units can be decoded y f the full image, 

access to a low -solution vers on or a par^ ^ ^ access to 

eased on this ^or rh/ full image. Xf so the 

the image in a higne 

SUBSTITUTE SHEET (RULE 26) 




WO 00/31964 



PCT/SE99/02106 



client transmits a request to the server requesting such 
information, step 409. 

The server replies by sending a request to the client requesting 
the client to agree to the conditions for transmitting the 
higher resolution version of the image, step 411. If the client 
agrees via a message 413, e.g. comprising a card number or 
account number from which to bill the cost for the image, the 
server sends the encrypted coding units together with a key wor 
by means of which the encrypted coding units can be decrypted, 
step 415. A secure method for key distribution should be used. 
Examples of such secure methods are described in W. Stallings 
■Data and computer Communications-, p 635 -637, Prentice-Hall 
1997 fifth edition ISBN 0-13-571274-2. 

If the client already has access to the unencrypted and 
encrypted coding units, for example if he has purchased a CD-ROM 
with images coded as described herein. The scheme as described 
in conjunction can be modified so that no image data is 
cransmitted. Instead the client only agrees to conditions s y 
the server in order to have access to the key word s h ire 
required to decrypt the encrypted coding units of the CD ROM. 

in the case when the method and device - described herein^ ^ 
used when encoding ^ 9 ^ C °* 0 “ standard does standardise 

is ad ^ ta9 ^ ^ M Encryption Header that is included in the 

=• ~ r." 

the JPEG 2000 Tags can instead ne 
units are decrypted. 

in such an embodiment the JPEG 2000 image header contains an 
.• Plaa (EP) EF is then set if any coding unit is 
Encryption FI g Pfa , der (EH ) should then be appended to 

encrypted. An Encryption Header (EH) snou 

the JPEG 2000 image header and encryption m orma 
optionally be merged into JPEG 2000 Tags. 

In Fig s an encryption header is shown. The Encryption Header 
can in' such an embodiment contain the following symbols. 
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1) Encryption Mode (EM) . A set o£ standard encryption modes are 
defined e.g. 

a) .One encryption method is used for all coding units 

b) Bitplanes of less significance than bitplane X are encryp e 

c) Subbands of higher resolution than Y are encrypted 

d) ROIs specified in are encrypted, etc. 

No encryption information need to included in the Tags rf an EM 
is defined. 

2) Encryption Mode Parameters (EMP) . parameters (X, X. ...) that 
are used to define the Encryption Mode are set here. 

3 ) number of encryption methods used. Several encryption methods 
can be used within the same image if e.g. different user groups 
should be allowed to see different image content. 

4, One Encryption Method Descriptor (EMD) for each encryption 
method The EMD defines any data that is needed by the 

encryption/ decryption module. The type of encryption algorithm 

is defined. A typical use of EMD will be to include y» 

that is encrypted by a public hey algorithm. The user N> 

private ^ decrypting '*^^ t ^‘X> ri thm to decrypt 

t^C-its. The order of the E»s allocates ^er to 

This number is used in UEb symuw 
each encryption method. This numi; 

5) The bitstream must for each done by setting one 

red and I if sc , by -t _ These 

UBlt T ld Either be collected in the encryption header or 

symbols could ei bitstream as encryption 

alternatively be distn u . ... in the encryption header we 

tf the UES information is kept m the encryp 
tags. If the Encryption State (ES) - ES consists of 

define a header elemen the same order as the 

a series of OES symbols that 
coding units appears in Che bit scream. 

ir be is sec and Che Encryption State is not given in Che 
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. „ „o-r. Ho expanded to contain Unit 

(TO) symbols. defines which anc r^hio n 

■ j f nr encrypting tbs n©xt coding 

method, if any, that xs used for encrypcx g 

unit . 

rscXfaTorTh^^ 

bHelecting appropriate coding units belongxng to the KOI for 
encryption. 

The main problem is that the shape of the ROI might reveal the 
content. If the shapes are encrypted it is. 
to show a reduced quality image since it is diff 
interpret the coded transform coef f xcxents . 

be solved by defining a so called cloaking 
This problem tan ^ ^ q£ „ or several ROI s are 

shape (c-shape . , The c -shape is designed to 

r^al ~t. * Simple example of a c 

shape is a bounding box. 

• -» oot in tbs JPEG 2 0 00 bit 

A c-shape is hont encryption as described in 

stream. The c-s p , JpEG 20 00 verification Model 

charilaos christopou ' teclmique as described therein 

X^re^riHhat the shape is defined in the TO» *000 
header. 

J .he c-shape and the transform 

A mask is created using is coded aud encrypted 

coefficients belonging This will reeult in that 

using the method as desori e ^ the R0IS that are shielded 

all coefficients belonging o£ the R0 Is is thus 

by the c-shape are encrypted. The tex 

protected by encryption. 

The shape of the contains pointers that 

encryption header. corresponding c-shape. 

links encrypted *01 shapes wi ^ ^ckgroond. The c- 

The decoder can now decoa 
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. „„ be displayed as a blank region. The original ROIs can 

r Td if the keyword is known. This is done by decrypting 

" ^ — - - -r of -1“ 

belonging to the c-shape is also decrypted. The bit™ can 
now be rearranged so that the c-shape is dropped and the 
original ROI data structures are restored. Note that thrs is 

done in the compressed domain. 

The mask that is used for encoding a ROI is not ****** defined 
in JPEG 2000. A mask that is sufficiently large so ttot 
is encoded lossless will often cover the whole lower subbands A 
rr/hat is not allowed to expand will lead to a lossy encoding 
of the ROX. The masks belonging to different ROIs or to a ROI 
and the background can be designed to overlap. This means 

some coefficients » " ™ the ROIs 

°r"ore W Independent so chat any ROI can be accessed and decoded 

with a good visual result. 

w oot <5 described herein is not 

The Part- ^ ^ as th# mask is selected 

dependent of the chox be reconstructed from the 

so that the cont ®^ ° background. A method for building a 

content of any other R ROI is described in Charilaos 

uask that *&**•£* C ZeG 2000 Verification Model Version 2.0. 
Christopoulos (ed.) / 

. and device as described herein storage and 
By using the metho oartially encrypted images is 

bandwidth requirements « P oomposici on and processing of 

reduced. Furthermore. o itatad and ROIs can be encrypted, 

encrypted objects are ^ ^ encrypted and the original 

objlc^can^e^ decrypted and restored in the pressed domain. 

Another advantage is siIlce 

performed at the same tun compressed domain (at the 

th e process takes p ace ^ M encod e all images without 

bitstream syntax) P ^ er£ ot™ad just before 

encryption. The encryptio (crans coder) . In this case, 

transmitting the image by a parser 
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12 

aeo<s the bitrate, which will be the case 

:f the encryption increase Kifrate 

if the enc yy TAGS, the increase in bitrate 

“ u ^ — — 

transmitting it. 
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CLAIMS 

x . x method of partially encrypting image data comprising the 

-Coding : the image data using an encoding algorithm generating 

independently deoodahle coding units, 

- encrypting at least one of the coding units, and 

- merging coding units which are not encrypted with coding uni 
which are encrypted into a combined bitstream. 

1 A method according to claim 1, characterized in that the not 
encrypted coding units correspond to a low resolution version 

the image data. 

3 X method according to any of claims 1-2, characterized in 
that different coding units are encrypted using different coding 

methods • 

4. A method according to any of claims 1 “ 3 f is 

that an encryption flag, which indicates if a co 
encrypted, is inserted in the bit stream. 

— t - a when information 

5 . X method Interest is enciypted, 
IITalCrd il that^the shape of the region of interest is 
enclosed in a cloaking shape. 



6. A 
by: 



device for partial encryption of image data characterized 

Cleans for coding the image data a^ord^g^to^encod^ 

means for encrypting at least 
one of the coding units, and encrypted with 

r -:ir« — 

selecting the not encryp da ta. 

to a low resolution version of the i» 9 
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8. A device according to any claims 
-means for- encrypting different coding 
coding methods. 



6-7, characterised by 
units using different 



, A device according to any of clains 6-8, charactered Oy 
means for inserting an encryption flag, which rndfcates 
coding unit is encrypted, in the bit stream. 



10 A device according to any of claims 6-9, 
meins for enclosing a region of interest shape 

shape. 



characterised by 
in a cloaking 
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